Ransomware victim disclosure
← All victimsStuwarooij
Claimed by Frag · listed 1 year ago
Status timeline
- ListedMar 24, 2025
- Data leakeddate unknown
At a glance
- Group
- Frag
- Status
- Data leaked
- Country
- Netherlands
- Sector
- Transportation/Logistics
- Listed on leak site
- Mar 24, 2025
About the victim
AI dossier — public-source company profileStuwarooij is a Dutch logistics and supply chain company that has provided total logistical solutions for over 25 years, operating with permanent teams to address client logistics needs.
- Industry
- Transportation, Logistics & Supply Chain
Attack summary
Severity: critical — Confirmed exfiltration of sensitive personal identification documents (passports, driving licenses) at scale affecting employees, plus client contact data and financial information. Identity documents and employee PII represent regulated sensitive data.The frag group claims to have exfiltrated financial statements, client and employee contact information, and personal identity documents including employee passports and driving licenses.
Data the group says was taken
AI dossier — extracted from the leak post- Financial statements
- Client contact information
- Employee contact information
- Employee passports
- Employee driving licenses
- Personal identity documents
What the group claims
Transportation, Logistics, Supply Chain and Storage For over 25 years Stuwarooij have been providing total solutions for every logistical question with our permanent teams. Our team was successful in extracting the following documents: Financial statements of the company Contact information of clients and employees The icing on the cake: Employee passports, driving licenses and other personal documents
Sources
- Victim sitestuwarooij.nl
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

